[Bro] bro ids icmp and attack signatures
Mostafa Abdallah. Ammar
mostafaammar at aast.edu
Thu May 5 07:42:32 PDT 2016
I am new to bro ids , I installed successfully bro ids , and added a tap to network to it , and for example if I accessed a website on a machine I can see in http.log the website I accessed and if the wqebsite is ssl i can see in ssl.lot and x509.log the certificate info
my question is :
I want when I ping i see a notification for this ping (I tried and could not find)
can I use signatures like snort with bro that generate logs when receiving an attack and generate log with signature ID
Please provide reply with some details as I am new to bro.
Eng. Mostafa Abdallah Ammar,Msc.
Information Security and Auditing Supervisor
CCIE security #23971
Arab Academy For Science And Technology & maritime Transport
Computer Networks & Data Center (CNDC)
Mobile: 002 01001983674
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro